Lucene search
K

7082 matches found

Tenable Nessus
Tenable Nessus
added 2020/07/20 12:0 a.m.66 views

Amazon Linux 2 : lftp (ALAS-2020-1453)

The version of lftp installed on the remote host is prior to 4.4.8-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1453 advisory. It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of...

7.8CVSS6AI score0.04782EPSS
Exploits1References3
OSV
OSV
added 2020/07/17 4:15 p.m.7 views

AZL-38206 CVE-2020-15586 affecting package python-tensorboard for versions less than 2.16.2-1

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...

5.9CVSS6.8AI score0.02893EPSS
Exploits0References1
OSV
OSV
added 2020/07/17 4:15 p.m.5 views

AZL-79042 CVE-2020-15586 affecting package golang 1.25.7-1

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...

5.9CVSS6.8AI score0.02893EPSS
Exploits0References1
OSV
OSV
added 2020/07/17 4:15 p.m.3 views

DEBIAN-CVE-2020-15586

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...

5.9CVSS6.8AI score0.02893EPSS
Exploits0References1
OSV
OSV
added 2020/07/17 4:15 p.m.1 views

UBUNTU-CVE-2020-15586

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...

5.9CVSS6.9AI score0.02893EPSS
Exploits0References3
0day.today
0day.today
added 2020/07/17 12:0 a.m.446 views

Wing FTP Server 6.3.8 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Wing FTP Server 6.3.8 - Remote Code Execution Authenticated Exploit Author: v1n1v131r4 Vendor Homepage: https://www.wftpserver.com/ Software Link: https://www.wftpserver.com/download.htm Version: 6.3.8 Tested on: Windows 10 CVE : -- Wing FTP Server have a web console based on Lua...

Exploits0
Packet Storm
Packet Storm
added 2020/07/16 12:0 a.m.482 views

Wing FTP Server 6.3.8 Remote Code Execution

Exploit Title: Wing FTP Server 6.3.8 - Remote Code Execution Authenticated Date: 2020-06-26 Exploit Author: v1n1v131r4 Vendor Homepage: https://www.wftpserver.com/ Software Link: https://www.wftpserver.com/download.htm Version: 6.3.8 Tested on: Windows 10 CVE : -- Wing FTP Server have a web conso...

7.4AI score
Exploits0
FireEye
FireEye
added 2020/07/16 12:0 a.m.44 views

capa: Automatically Identify Malware Capabilities

capa is the FLARE team’s newest open-source tool for analyzing malicious programs. Our tool provides a framework for the community to encode, recognize, and share behaviors that we’ve seen in malware. Regardless of your background, when you use capa, you invoke decades of cumulative reverse...

7.4AI score
Exploits0References14
Amazon
Amazon
added 2020/07/16 12:0 a.m.39 views

Medium: lftp

Issue Overview: It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled...

7.8CVSS6.2AI score0.04782EPSS
Exploits1
Exploit DB
Exploit DB
added 2020/07/16 12:0 a.m.510 views

Wing FTP Server 6.3.8 - Remote Code Execution (Authenticated)

Exploit Title: Wing FTP Server 6.3.8 - Remote Code Execution Authenticated Date: 2020-06-26 Exploit Author: v1n1v131r4 Vendor Homepage: https://www.wftpserver.com/ Software Link: https://www.wftpserver.com/download.htm Version: 6.3.8 Tested on: Windows 10 CVE : -- Wing FTP Server have a web conso...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2020/07/15 3:44 p.m.6 views

Acronis: Acronis Sync Agent Service - Untrusted DLL Search-Ordering lead to Privilege Escalation

Vulnerability description not provided...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2020/07/14 12:30 p.m.37 views

X64Dbg - An Open-Source X64/X32 Debugger For Windows

An open-source binary debugger for Windows, aimed at malware analysis and reverse engineering of executables you do not have the source code for. There are many features available and a comprehensive plugin system to add your own. You can find more information on the blog! Screenshots Installatio...

7.3AI score
Exploits0References19
FireEye
FireEye
added 2020/07/07 6:0 p.m.21 views

Configuring a Windows Domain to Dynamically Analyze an Obfuscated Lateral Movement Tool

We recently encountered a large obfuscated malware sample that offered several interesting analysis challenges. It used virtualization that prevented us from producing a fully-deobfuscated memory dump for static analysis. Statically analyzing a large virtualized sample can take anywhere from...

Exploits0References4
Kitploit
Kitploit
added 2020/07/02 10:30 p.m.110 views

ShellGen - Reverse shell generator

This is a simple script that will generate a specific or all shellcodes for CTFs using the VPN IP address on tun0 the IPv4. INFORMATION Update has been made from sys library to argparse library done in version 0.8 Usage For help: shellgen -h shellgen --help If you want to skip update and just get...

7.5AI score
Exploits0References2
The Hacker News
The Hacker News
added 2020/07/01 9:8 a.m.105 views

A New Ransomware Targeting Apple macOS Users Through Pirated Apps

Cybersecurity researchers this week discovered a new type of ransomware targeting macOS users that spreads via pirated apps. According to several independent reports from K7 Lab malware researcher Dinesh Devadoss, Patrick Wardle, and Malwarebytes, the ransomware variant — dubbed "EvilQuest" — is...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2020/07/01 9:8 a.m.6 views

A New Ransomware Targeting Apple macOS Users Through Pirated Apps

Cybersecurity researchers this week discovered a new type of ransomware targeting macOS users that spreads via pirated apps. According to several independent reports from K7 Lab malware researcher Dinesh Devadoss, Patrick Wardle, and Malwarebytes, the ransomware variant — dubbed "EvilQuest " — is...

6AI score
Exploits0
Hacker One
Hacker One
added 2020/06/29 1:20 p.m.38 views

Visma Public: Reverse Tabnabbing in printing source document images

The security researcher was able to find a Reverse Tabnabbing bug in printing source document images functionality. This bug allows to replace current web page in users browser with a phishing one, facilitating phishing attacks...

3AI score
Exploits0
0day.today
0day.today
added 2020/06/29 12:0 a.m.151 views

Bolt CMS 3.7.0 Authenticated Remote Code Execution Exploit

This Metasploit module exploits multiple vulnerabilities in Bolt CMS version 3.7.0 and 3.6.x in order to execute arbitrary commands as the user running Bolt. Valid credentials for a Bolt CMS user are required. This module has been successfully tested against Bolt CMS 3.7.0 running on CentOS 7. Th...

7.9AI score
Exploits0
Kitploit
Kitploit
added 2020/06/28 9:55 p.m.282 views

Xeexe - Undetectable And XOR Encrypting With Custom KEY (FUD Metasploit RAT)

Undetectable Reverse shell & Xor encrypting with custom KEYFUD Metasploit Rat bypass Top Antivirus like BitDefender,Malwarebytes,Avast,ESET-NOD32,AVG,...PYTHON 3 Undetectable Reverse shell Metasploit Rat Xeexe is an FUD exploiting tool which compiles a malware with famous payload, and then the...

7.3AI score
Exploits0References2
Packet Storm
Packet Storm
added 2020/06/28 12:0 a.m.167 views

Windscribe 1.83 Unquoted Service Path

Exploit Title: Windscribe 1.83 - 'WindscribeService' Unquoted Service Path Date: 2020-06-26 Exploit Author: Ethan Seow Vendor Homepage: https://windscribe.com Version: v1.83 Build 20 Tested on: Microsoft Windows 10 Home 10.0.18363 Build 18363 filename : exploit.bat Code start @echo off sc config...

0.2AI score
Exploits0
Rows per page
Query Builder